Privacy Policy

Last updated: December 2024

This Privacy Policy explains how creditauzf B.V. ("we", "us", or "our") collects, uses, and protects your personal information when you visit our website or use our services. We are committed to protecting your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (GDPR).

Data Controller Information

creditauzf B.V. is the Data Controller for the personal data we process. Our contact details are:

Company: creditauzf B.V.
Registration Number: 68432597
VAT Number: NL697245831B148
Address: Kastanjelaan 27, 9776 ZP Groningen, Netherlands
Email: privacy@creditauzf.life
Phone: +31 408794571

Data Collection

The data we collect includes personal information that you provide to us directly and information that we collect automatically when you use our website or services. This includes:

Contact Information: Name, email address, phone number, and postal address
Appointment Information: Service preferences, appointment dates and times
Health Information: Skin type, allergies, medical conditions relevant to beauty treatments (with your explicit consent)
Website Usage Data: IP address, browser type, pages visited, time spent on pages
Communication Records: Records of our correspondence with you
Payment Information: Payment details for processing transactions (processed securely through our payment providers)

Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

Contract Performance: To provide beauty services and fulfil our contractual obligations
Legitimate Interest: To improve our services, website functionality, and customer experience
Consent: For marketing communications and processing sensitive health data
Legal Obligation: To comply with applicable laws and regulations

How We Use Your Information

We explain how we use your information for the following purposes:

Service Delivery: To provide beauty treatments and consultations
Appointment Management: To schedule, confirm, and manage your appointments
Communication: To respond to your enquiries and provide customer support
Safety and Health: To ensure treatments are safe and suitable for your skin type
Business Operations: To manage our business, improve our services, and maintain records
Marketing: To send promotional materials about our services (with your consent)
Legal Compliance: To comply with legal obligations and protect our rights
Website Improvement: To analyse website usage and improve user experience

Data Sharing

We do not sell your personal data to third parties. We may share your information with:

Service Providers: Third-party companies that help us provide our services (payment processors, appointment scheduling systems)
Professional Advisors: Legal, accounting, and other professional advisors
Regulatory Authorities: When required by law or to protect our legal rights
Business Transfers: In the event of a merger, acquisition, or sale of our business

Data Retention

We retain your personal data for as long as necessary to fulfil the purposes for which it was collected:

Client Records: Retained for 7 years after your last appointment for health and safety purposes
Marketing Data: Until you withdraw consent or we no longer have a legitimate need
Website Analytics: Typically retained for 26 months
Financial Records: Retained for 7 years as required by Dutch law
Communication Records: Retained for 3 years or until resolved

Your Rights

Under GDPR, you have the following rights regarding your personal data:

Right of Access: Request a copy of the personal data we hold about you
Right to Rectification: Request correction of inaccurate or incomplete data
Right to Erasure: Request deletion of your personal data in certain circumstances
Right to Restrict Processing: Request limitation of how we use your data
Right to Data Portability: Request transfer of your data to another service provider
Right to Object: Object to processing based on legitimate interests or for direct marketing
Right to Withdraw Consent: Withdraw consent for processing that requires your consent
Right to Lodge a Complaint: File a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens)

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

Encryption of data in transit and at rest
Regular security assessments and updates
Access controls and staff training
Secure storage and backup systems
Regular monitoring for security breaches

Cookies and Tracking

Our website uses cookies and similar tracking technologies. For detailed information about our use of cookies, please see our Cookie Policy.

International Transfers

We primarily process your data within the European Economic Area (EEA). If we need to transfer your data outside the EEA, we ensure appropriate safeguards are in place, such as adequacy decisions or standard contractual clauses approved by the European Commission.

Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal data from children under 16. If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date.

Contact Us

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us using the following information:

Privacy Officer

creditauzf B.V.

Kastanjelaan 27, 9776 ZP Groningen, Netherlands

Email: privacy@creditauzf.life

Phone: +31 408794571

We will respond to your request within one month of receipt, or within two months if the request is complex or we receive multiple requests from you.